<?php
include($_SERVER["DOCUMENT_ROOT"]."/bob.php");
include($_SERVER["DOCUMENT_ROOT"]."/fonctions_globales.php");
// Open the database connection. $host, $user, $password and $database are not
// set in this file; presumably they come from the includes above.
$mysqli = new_mysqli($host, $user, $password, $database);

// Admin gate: anyone whose user_level (looked up in `gens` by the session id) is
// not '1' is redirected to the site root. exit() follows the header so none of
// the handlers below run for a non-admin request.
// NOTE(review): $_SESSION['id'] is read without a visible session_start(); the
// session is presumably opened in an included file. Confirm.
// NOTE(review): this gate establishes who the caller is, but no anti-CSRF token is
// checked anywhere in this file before the POST handlers change or delete forums.
// Confirm whether the includes cover that.
$niveau_admin = get_data_in_db($mysqli, "gens", "user_id", $_SESSION['id'], "user_level");
if ($niveau_admin != '1') {
	header("Location: /");
	exit();
}

// Request parameters, read once up front. A missing key yields null.
//
// Numeric fields go through get_num() (defined outside this file; presumably it
// coerces its argument to a number, confirm). They are later interpolated into
// SQL inside quotes, so their safety depends entirely on that helper.
$idfrum        = get_num($_GET['id'] ?? null);         // forum selected for editing (query string)
$idfrum_select = get_num($_POST['idforum'] ?? null);   // forum targeted by the submitted form

// Free-text fields: get_data_ss_tag() (defined outside this file; presumably
// removes markup, confirm), then real_escape_string() for use inside a quoted
// SQL string literal. The escaped values are SQL-safe only in that context and
// only if the connection character set is configured correctly (not visible
// here); they are not meant to be echoed into HTML.
$texte = $mysqli->real_escape_string(get_data_ss_tag($_POST['desc'] ?? null));
$nom   = $mysqli->real_escape_string(get_data_ss_tag($_POST['nom'] ?? null));

$verrouille = get_num($_POST['verouillage'] ?? null);  // forum_status
$vue        = get_num($_POST['vue'] ?? null);          // auth_view
$ordre      = get_num($_POST['ordr'] ?? null);         // forum_order
$categ      = get_num($_POST['categ'] ?? null);        // cat_id
$direction  = get_num($_POST['direct'] ?? null);       // forum that receives the topics on delete
$postage    = get_num($_POST['postage'] ?? null);      // auth_post

// Create a forum when the form was submitted with modif=New.
// Every interpolated value was prepared at the top of the file: $nom and $texte
// are escaped with real_escape_string(), the others come from get_num(). All of
// them sit inside quoted literals, which is what makes that escaping sufficient.
$creation_demandee = (@$_POST['modif'] == "New");
if ($creation_demandee) {
	$sql_creation = "INSERT INTO forums(forum_name, forum_desc, forum_status, forum_order, cat_id, auth_view, auth_post)	 
	 VALUES('$nom', '$texte', '$verrouille', '$ordre', '$categ', '$vue', '$postage')";
	mysqli_query_with_error($mysqli, $sql_creation);
}

// Edit or delete an existing forum when the form was submitted with modif=Modif.
// The target is $idfrum_select (POST idforum), not the ?id= query parameter.
if(@$_POST['modif']=="Modif"){ // edit / delete
	 if(@$_POST['suppr']=="1"){
		// Delete: re-home the forum's topics and posts to forum $direction, then
		// remove the forum row. All three statements go out in one multi-query call.
		// NOTE(review): no transaction is visible around these statements, so a
		// failure part-way could leave topics moved but the forum still present.
		// NOTE(review): $direction is not checked to be an existing forum different
		// from $idfrum_select. If `direct` is missing or equals the deleted forum,
		// topics and posts would end up pointing at a forum_id that no longer exists.
		// NOTE(review): multi-statement execution relies on every interpolated value
		// being numeric; here both come from get_num(). Confirm that helper rejects
		// anything non-numeric.
		mysqli_multi_query_with_error($mysqli, "UPDATE forum_topics SET forum_id='$direction' WHERE forum_id='$idfrum_select'; 
		UPDATE forum_posts SET forum_id='$direction' WHERE forum_id='$idfrum_select'; DELETE FROM forums WHERE forum_id='$idfrum_select';");
	 }
	 else {
		 // Update: overwrite name, description, lock state, category, order and the
		 // view/post permissions of the targeted forum.
		 mysqli_query_with_error($mysqli, "UPDATE forums SET forum_name='$nom', forum_desc='$texte', forum_status='$verrouille', cat_id='$categ', 
		 forum_order='$ordre', auth_view='$vue', auth_post='$postage' WHERE forum_id='$idfrum_select';");
		/*TODO icon change: decide whether to keep this; if so, bring it up to date)
		NOTE(review): disabled legacy upload handler, kept for reference only. It should
		not be re-enabled as written:
		  - it calls ereg() and mysql_query(), which were removed in PHP 7;
		  - the file-name check reads $_FILES['avat1'] while the uploaded field is 'icon';
		  - the only type check is the client-supplied MIME type;
		  - the file is stored under ../images/ with the client-supplied name and then
		    chmod'ed to 0777;
		  - the file name is interpolated into SQL without real_escape_string().
		if($_FILES['icon']['name'] != "") {
			   $nomfichier=get_data_ss_tag($_FILES['icon']['name']);
			   $fichier = 'ok';

			   if($_FILES['icon']['size'] == 0) {
				echo "bug de taille<br>";
				$fichier = 'nan';
			   }
			   else if(!ereg("image",@$_FILES['icon']['type'])) {
				echo"<font color='#FF0000'>Le fichier envoyé n'est pas une image graphique</font><br>";
				$fichier ='nan';
			   }
			   else if(! ereg("^[A-Za-z 0-9\.\ -]{0,30}$", @$_FILES['avat1']['name'])) {
				echo"<font color='#FF0000'>Ce nom de fichier n'est pas valide. Il ne doit pas comporter
			 d'accent ni de caractères spéciaux et ne doit pas dépasser 50 caractères, extension comprise</font><br>";
				$fichier= 'nan';
			   }
			   if($fichier == 'ok') {
					$kebab="../images/$nomfichier";
					move_uploaded_file($_FILES['icon']['tmp_name'], $kebab);
					chmod($kebab, 0777);
					$query="UPDATE forums SET icone='$nomfichier' WHERE forum_id='$idfrum_select'";
					mysql_query($query) or die("error: $query");
			   }
		  }*/
	 }
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="fr" dir="ltr"><head>
<meta charset="utf-8">
<title>Admin forums</title>
<link rel="stylesheet" type="text/css" href="fourum.css">
<script type="text/javascript">
/**
 * onclick guard for the edit form's submit button.
 * Asks for confirmation only when the "suppr" (delete) checkbox is ticked and
 * returns the user's answer; otherwise lets the submit proceed.
 * This is a convenience prompt in the browser, not a control: the server-side
 * handler acts on whatever POST it receives.
 */
function verif() {
  var suppression = document.formul.suppr.checked;
  return suppression == true
    ? confirm("Veux-tu vraiment atomiser ce forum innocent?")
    : true;
}
</script>
</head>
<?php /* main_body() is defined outside this file. It presumably emits the opening body tag, since this template closes the body at the end without opening it. Confirm. */ main_body($mysqli); ?>
<p align='center'><div class='boite'>
<a href='../index.php'>Index du fourum</a></div> <div class='boite'><a href='forums.php'>forums</a> 
</div> <div class='boite'><a href='smileys.php'>Smileys</a> 
</div> <div class='boite'><a href='rangs.php'>Rangs</a></div> <div class='boite'><a href='gens.php'>Permissions/ban</a> </div>
<br><br><br></p>
<?php
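// "New forum" form, shown for ?mod=new. It posts back to forums.php with
// modif=New, which the INSERT handler at the top of the file picks up.
// NOTE(review): the form carries no anti-CSRF token and no token is checked by
// the handler in this file.
if(@$_GET['mod']=="new") { // new forum
	 echo"<form action='forums.php' method='post' name='formul'><p align='center'>Nom: <input type='text' name='nom'>
	Ordre: <input type='text' name='ordr' size='2' > Catégorie :  <select name='categ'>";

	$result =  mysqli_query_with_error($mysqli, "SELECT * FROM forum_categories ORDER BY cat_id;");
	while($ligne = $result->fetch_assoc()) {
		// Category titles are database text, so they go through the same output
		// helper this file uses for forum_name / forum_desc instead of being echoed raw.
		// NOTE(review): assumes get_data_propre_sortie_db() makes text safe for HTML
		// output. Confirm against its definition (not in this file).
		$titre_categ = get_data_propre_sortie_db($ligne['cat_title']);
		echo"<option value='{$ligne['cat_id']}'>$titre_categ";
	}

	echo "</select><br><br>
	Description: <br><textarea cols='30' rows='7' name='desc'></textarea><br><br>Verouillage: <select name='verouillage'>
	<option value='0'>Déverouillé<option value='1'>
	Vérouillé</select><br><br>Vue:  <select name='vue'><option value='0'>Public<option value='2'>
	Privé</select> Post:  <select name='postage'><option value='1'>
	Enregistré<option value='0'>Tous</select><br><br><input type='hidden' name='idforum' value='$idfrum'>
	<input type='submit' value='New' name='modif'></form></p><br>";
}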

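// Edit form for the forum selected with ?id=N. It posts back to forums.php with
// modif=Modif; ticking "Supprimer" turns the submit into a delete that re-homes
// the topics to the forum chosen in the `direct` select.
// NOTE(review): the form carries no anti-CSRF token and no token is checked by
// the handler in this file.
if($idfrum!= 0) { // edit
	 // NOTE(review): what get_line_in_db() returns for an id that does not exist is
	 // not visible here; if it is empty, the form below renders with blank values.
	 $frum = get_line_in_db($mysqli, "forums", "forum_id", $idfrum);
	 $nom = get_data_propre_sortie_db($frum['forum_name']);
	 $desc = get_data_propre_sortie_db($frum['forum_desc']);
	 // NOTE(review): $nom lands inside a single-quoted attribute, so the output
	 // helper must also neutralise single quotes. Confirm.
	 echo"<form action='forums.php' method='post' name='formul' enctype='multipart/form-data'><p align='center'>Nom: 
	<input type='text' name='nom' value='$nom'>Ordre: <input type='text' name='ordr' size='2' value='{$frum['forum_order']}'> Catégorie :  <select name='categ'>";

	$result =  mysqli_query_with_error($mysqli, "SELECT * FROM forum_categories ORDER BY cat_id;");
	while($ligne = $result->fetch_assoc()){
		// Database text goes through the same output helper as forum_name above
		// rather than being echoed raw.
		$titre_categ = get_data_propre_sortie_db($ligne['cat_title']);
		echo"<option value='{$ligne['cat_id']}'";
		if($ligne['cat_id'] == $frum['cat_id']) echo " selected";
		echo ">$titre_categ";
	}

	// The file field is still rendered although the upload handler earlier in this
	// file is commented out, so a submitted icon is ignored. MAX_FILE_SIZE is only
	// a hint sent with the form; nothing in this file enforces a size limit.
	echo "</select><br><br>
	Description: <br><textarea cols='30' rows='7' name='desc'>$desc</textarea><br><br>
	Icone: <input type='hidden' name='MAX_FILE_SIZE' value='200000'><input type='file' name='icon'><br><br>Verouillage: <select name='verouillage'>
	<option value='0'>Déverouillé<option value='1'";
	 // " selected" carries a leading space so it does not run into the value attribute.
	 if($frum['forum_status'] =='1')
	  echo " selected";
	 echo ">Vérouillé</select><br><br>Vue:  <select name='vue'><option value='0'>Public<option value='2'";
	 if($frum['auth_view'] =='2')
	  echo " selected";
	 echo ">Privé</select> Post:  <select name='postage'><option value='0'>Tous<option value='1'";
	 if($frum['auth_post'] !='0')
	  echo " selected";
	 echo ">Enregistré</select><br><br><input type='checkbox' name='suppr' value='1'>Supprimer <select name='direct'>";

	// Candidate destinations for the topics on delete: every forum except the
	// one being edited. This exclusion exists only in the rendered list; the
	// delete handler does not re-check the submitted `direct` value.
	$result =  mysqli_query_with_error($mysqli, "SELECT * FROM forums ORDER BY forum_order;");
	while($ligne = $result->fetch_assoc()){
		if($ligne['forum_id'] == $idfrum) continue;
		$nom_cible = get_data_propre_sortie_db($ligne['forum_name']);
		echo"<option value='{$ligne['forum_id']}'>$nom_cible";
	}

	 echo "</select> acceuillera les topics<br><br><input type='hidden' name='idforum' value='$idfrum'>
	<input type='submit' value='Modif' name='modif' onclick='return verif();'></form></p><br>";
}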

// Forum list: a "Nouveau" link and a header row, then one row per forum ordered
// by category and position, each with an "Editer" link back to this page.
echo"<a href='forums.php?mod=new' style='border: 3px ridge blue;'>Nouveau</a><div style='margin-top:10px; border:1px solid pink; font-weight: bold;'>
 <div style='float: left; width:630px;'>Nom</div><div style='float: left; margin-left:20px;'>Categorie</div><div style='float: left; margin-left:20px;'>ordre</div>
<div style='float: left; margin-left:20px;'>verouillage</div><div style='margin-left:820px;'>Editer</div></div>";

$liste_forums = mysqli_query_with_error($mysqli, "SELECT * FROM forums ORDER BY cat_id, forum_order;");
while ($forum = $liste_forums->fetch_assoc()) {
	// Name and description are database text and pass through the output helper;
	// the remaining columns are echoed as stored (they are written from get_num()
	// values by the handlers in this file).
	$titre = get_data_propre_sortie_db($forum['forum_name']);
	$resume = get_data_propre_sortie_db($forum['forum_desc']);
	echo"<div style='margin-top:40px;'><div style='float: left; width:650px;'><span style='color: #BB00FF; font-size: 20px;'>
	$titre</span><br>$resume</div><div style='float: left; margin-left:20px;'>{$forum['cat_id']}</div><div style='float: left; margin-left:20px;'>{$forum['forum_order']}</div>
	<div style='float: left; margin-left:50px;'>{$forum['forum_status']}</div><div style='margin-left:820px;'>
	<a href='forums.php?id={$forum['forum_id']}'>Editer</a></div><br></div>";
}
?>
</body></html>